thr3ads.net - Secure testing commits - [Secure-testing-commits] r10535

If this information is useful, please help other people find it:
Share via:

joeyh at alioth.debian.org

2008-Nov-29 21:14 UTC

[Secure-testing-commits] r10535 - data/CVE

Author: joeyh
Date: 2008-11-29 21:14:12 +0000 (Sat, 29 Nov 2008)
New Revision: 10535

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2008-11-29 17:16:12 UTC (rev 10534)
+++ data/CVE/list	2008-11-29 21:14:12 UTC (rev 10535)
@@ -211,6 +211,7 @@
 	NOTE: difficult to exploit
 	NOTE: see http://www.openssh.org/txt/cbc.adv
 CVE-2008-5185 (The highlighting functionality in geshi.php in GeSHi before
1.0.8 ...)
+	{DTSA-179-1}
 	- geshi 1.0.8.1-1 (medium)
 CVE-2008-5160 (Unspecified vulnerability in MyServer 0.8.11 allows remote
attackers ...)
 	- msp-webserver <unfixed> (bug #506268)
@@ -791,6 +792,7 @@
 	- dovecot <not-affected> (Vulnerable code not present prior to 1.1.4)
 	TODO: check again if >= 1.1.4 gets uploaded
 CVE-2008-5186 (** DISPUTED ** ...)
+	{DTSA-179-1}
 	- geshi 1.0.8.1-1 (unimportant; bug #504445)
 	NOTE: its rather an application bug if the input to set_language_path is
unfiltered user input
 	NOTE: http://comments.gmane.org/gmane.comp.security.oss.general/1152
@@ -1282,15 +1284,15 @@
 	[lenny] - wireshark 1.0.2-3+lenny2
 CVE-2008-4682 (wtap.c in Wireshark 0.99.7 through 1.0.3 allows remote attackers
to ...)
 	- wireshark <unfixed> (low; bug #503589)
-        [etch] - wireshark <not-affected> (Vulnerable code not present,
introduced in 0.99.7)
+	[etch] - wireshark <not-affected> (Vulnerable code not present,
introduced in 0.99.7)
 	[lenny] - wireshark 1.0.2-3+lenny2
 CVE-2008-4681 (Unspecified vulnerability in the Bluetooth RFCOMM dissector in
...)
 	- wireshark <unfixed> (low; bug #503589)
-        [etch] - wireshark <not-affected> (Vulnerable code not present,
introduced in 0.99.7)
+	[etch] - wireshark <not-affected> (Vulnerable code not present,
introduced in 0.99.7)
 	[lenny] - wireshark 1.0.2-3+lenny2
 CVE-2008-4680 (packet-usb.c in the USB dissector in Wireshark 0.99.7 through
1.0.3 ...)
 	- wireshark <unfixed> (low; bug #503589)
-        [etch] - wireshark <not-affected> (Vulnerable code not present,
introduced in 0.99.7)
+	[etch] - wireshark <not-affected> (Vulnerable code not present,
introduced in 0.99.7)
 	[lenny] - wireshark 1.0.2-3+lenny2
 CVE-2008-4679 (The Web Services Security component in IBM WebSphere Application
...)
 	NOT-FOR-US: IBM Websphere

Secure testing commits - Nov 2008 - r10535 - data/CVE

[Secure-testing-commits] r10535 - data/CVE